e1dd30dcc0b58f4775fd17eb47e826df_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e1dd30dcc0b58f4775fd17eb47e826df_JaffaCakes118
Size

134KB
MD5

e1dd30dcc0b58f4775fd17eb47e826df
SHA1

0121a82de4c9352e844963d45895d7890497b97c
SHA256

d1ad6d58dc4ac4ceb31b873c0c1a7e98794f988be950e061216ed622eb22ed74
SHA512

9a1f360b20ffd5cbd161f9d97831dde9e82994332f646256fa4a2f1a95b514ab03c460a8555417282bcd311165ca74e2f996ab17a5bded637cfd9a54bee9382f
SSDEEP

3072:sU43z36wyxQJUofaZ/bTqNK8Pd5NduyjE:sUPxw7U/bTqNKid5jE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1dd30dcc0b58f4775fd17eb47e826df_JaffaCakes118

Files

e1dd30dcc0b58f4775fd17eb47e826df_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6c45ab0d74c9ec5cd613249c3399c655

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenEventW
VirtualFree
TerminateProcess
GetLocaleInfoW
GetCommandLineW
MultiByteToWideChar
CloseHandle
GetStartupInfoA
PeekNamedPipe
LocalAlloc
GetModuleHandleA
FindClose
InitializeCriticalSection
ReadFile
CreateFileA
MulDiv
lstrcmpW
GetDriveTypeA
TlsGetValue
FreeEnvironmentStringsA
SetCurrentDirectoryW
GetSystemTimeAsFileTime
WriteConsoleA
GetSystemInfo
HeapReAlloc
GetTimeZoneInformation
GetUserDefaultLCID
HeapFree
SetFileAttributesW
GetLastError
lstrcatW
SetEndOfFile
RaiseException
lstrcmpiW
GlobalAlloc
GetCurrentProcess
GetTempPathW
CreateFileW
LocalFree
GetLocaleInfoA
GetModuleHandleW
GetStringTypeA
EnumSystemLocalesA
IsValidCodePage
GetCurrentDirectoryW
DeleteFileW
GetStdHandle
FreeEnvironmentStringsW
GetOEMCP
lstrcpyW
GlobalLock
ResumeThread
EnterCriticalSection
GetLongPathNameW
LCMapStringA
CreateEventW
LoadLibraryA
GetFullPathNameW
MoveFileW
CopyFileW
GetTimeFormatA
QueryPerformanceCounter
HeapDestroy
GlobalSize
VirtualAlloc
GetProcAddress
FlushFileBuffers
GetStringTypeW
LCMapStringW
HeapSize
SetStdHandle
SetFilePointer
VirtualProtect
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
VirtualQuery
InterlockedExchange
RtlUnwind
IsBadWritePtr
GetCPInfo
GetACP
HeapAlloc
HeapCreate
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
UnhandledExceptionFilter
GetModuleFileNameA
WriteFile
ExitProcess
GetVersionExA
GetCommandLineA

user32

SetCaretPos
SetClipboardData
UnhookWindowsHookEx
CheckMenuRadioItem
PeekMessageW
CallWindowProcA
GetSysColor
SetParent
IsZoomed
SystemParametersInfoW
GetWindowLongW
GetFocus
ModifyMenuW
InflateRect
MonitorFromWindow
PostMessageW
TrackPopupMenu
TranslateAcceleratorW
SetScrollPos
ScrollWindow
GetKeyState
SetWindowTextW
PtInRect
DrawMenuBar
DestroyWindow
IsDialogMessageW
FillRect
LoadMenuW
CreateMenu

comdlg32

PageSetupDlgA
ChooseColorW
GetFileTitleW
FindTextW
ChooseColorA
ReplaceTextW
GetOpenFileNameW
ChooseFontA
FindTextA
GetFileTitleA
PageSetupDlgW
PrintDlgA
PrintDlgW
GetOpenFileNameA
GetSaveFileNameA
GetSaveFileNameW
ChooseFontW
ReplaceTextA

oleaut32

VarUI8FromDisp

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c45ab0d74c9ec5cd613249c3399c655

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

oleaut32

Sections

.text Size: 30KB - Virtual size: 30KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 91KB - Virtual size: 140KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 30KB - Virtual size: 30KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 91KB - Virtual size: 140KB

.rsrc
Size: 4KB - Virtual size: 4KB